Spectral-clustering-based abnormal permission assignments hunting framework

Migrating traditional access control,such as mandatory and discretionary access control,into role-based access control(RBAC)lightens a practical way to improve the user-permission management efficiency.To guarantee the security of RBAC system,it is important to generate proper roles during the migra...

Full description

Saved in:
Bibliographic Details
Main Authors: Liang FANG, Li-hua YIN, Feng-hua LI, Bin-xing FANG
Format: Article
Language:zho
Published: Editorial Department of Journal on Communications 2017-12-01
Series:Tongxin xuebao
Subjects:
Online Access:http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017285/
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1841539536509730816
author Liang FANG
Li-hua YIN
Feng-hua LI
Bin-xing FANG
author_facet Liang FANG
Li-hua YIN
Feng-hua LI
Bin-xing FANG
author_sort Liang FANG
collection DOAJ
description Migrating traditional access control,such as mandatory and discretionary access control,into role-based access control(RBAC)lightens a practical way to improve the user-permission management efficiency.To guarantee the security of RBAC system,it is important to generate proper roles during the migration.However,abnormal user-permission configurations lead to wrong roles and cause tremendous security risks.To hunt the potential abnormal user-permission configurations,a novel spectral clustering based abnormal configuration hunting framework was proposed and recommendations were given to correct these configurations.Experimental results show its performance over existing solutions.
format Article
id doaj-art-cb26381d028d4e90bab30182011203e7
institution Kabale University
issn 1000-436X
language zho
publishDate 2017-12-01
publisher Editorial Department of Journal on Communications
record_format Article
series Tongxin xuebao
spelling doaj-art-cb26381d028d4e90bab30182011203e72025-01-14T07:13:28ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2017-12-0138637259713897Spectral-clustering-based abnormal permission assignments hunting frameworkLiang FANGLi-hua YINFeng-hua LIBin-xing FANGMigrating traditional access control,such as mandatory and discretionary access control,into role-based access control(RBAC)lightens a practical way to improve the user-permission management efficiency.To guarantee the security of RBAC system,it is important to generate proper roles during the migration.However,abnormal user-permission configurations lead to wrong roles and cause tremendous security risks.To hunt the potential abnormal user-permission configurations,a novel spectral clustering based abnormal configuration hunting framework was proposed and recommendations were given to correct these configurations.Experimental results show its performance over existing solutions.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017285/access controlabnormal configurationsspectral clustering
spellingShingle Liang FANG
Li-hua YIN
Feng-hua LI
Bin-xing FANG
Spectral-clustering-based abnormal permission assignments hunting framework
Tongxin xuebao
access control
abnormal configurations
spectral clustering
title Spectral-clustering-based abnormal permission assignments hunting framework
title_full Spectral-clustering-based abnormal permission assignments hunting framework
title_fullStr Spectral-clustering-based abnormal permission assignments hunting framework
title_full_unstemmed Spectral-clustering-based abnormal permission assignments hunting framework
title_short Spectral-clustering-based abnormal permission assignments hunting framework
title_sort spectral clustering based abnormal permission assignments hunting framework
topic access control
abnormal configurations
spectral clustering
url http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017285/
work_keys_str_mv AT liangfang spectralclusteringbasedabnormalpermissionassignmentshuntingframework
AT lihuayin spectralclusteringbasedabnormalpermissionassignmentshuntingframework
AT fenghuali spectralclusteringbasedabnormalpermissionassignmentshuntingframework
AT binxingfang spectralclusteringbasedabnormalpermissionassignmentshuntingframework